shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-07 18:50:27 +09:00
Code Issues Packages Projects Releases Wiki Activity

server: Correctly handle extensions

Browse Source 
If the server had an RSA host key, it provided unconditionally SHA2
signatures without consulting the client proposed list of supported host
keys.

This commit implements more fine-grained detection of the extension
to provide the client with valid signatures according to RFC 8332
Section 3.1.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
(cherry picked from commit 27fe60954c)
This commit is contained in:
Jakub Jelen
2019-01-07 18:49:58 +01:00
committed by Andreas Schneider
parent d028b2495d
commit 0acfd81f85
3 changed files with 25 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/server.c
View File

@@ -523,7 +523,7 @@ static void ssh_server_connection_callback(ssh_session session){
* our supported extensions now. This is the first message after
* sending NEWKEYS message and after turning on crypto.
*/
if (session->extensions &&
if (session->extensions & SSH_EXT_NEGOTIATION &&
session->session_state != SSH_SESSION_STATE_AUTHENTICATED) {
ssh_server_send_extensions(session);
}